/* 
 * Copyright (c) 2019, CENTRIN.CIYUN.LTD. All rights reserved.
 */
package com.cory.admin.sys.controller.admin;

import javax.servlet.http.HttpSession;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import com.cory.admin.sys.config.AdminConstants;
import com.cory.admin.sys.controller.AdminController;
import com.cory.admin.sys.domain.entity.SysUser;
import com.cory.admin.sys.service.SysUserService;
import com.cory.boot.domain.bean.Result;
import com.cory.utils.security.CoderUtils;

/**
 * 修改密码
 * @author xiongcong
 * @date 2019-03-07
 */
@Controller
@RequestMapping("admin/sys/pwd")
public class PwdController extends AdminController {
    @Autowired
    private SysUserService sysUserService;

    @GetMapping("modify")
    public String modify() {
        return "admin/sys/pwd.modify";
    }
    
    @PostMapping("modify")
    @ResponseBody
    public Result<?> modify(HttpSession session, String oldPassword, String userPassword) {
        assertNotNull(oldPassword, userPassword);
        
        SysUser user = sysUserService.getById(super.getUserId());
        if (!user.getPassword().equals(CoderUtils.md5(oldPassword))) {
            return Result.fail("原始密码错误");
        }
        
        SysUser update = new SysUser();
        update.setId(user.getId());
        update.setPassword(CoderUtils.md5(userPassword));
        sysUserService.updateById(update);
        
        session.removeAttribute(AdminConstants.SESSION_DEFAULT_PWD);
        return Result.success("修改成功");
    }
    
    
}
